Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91871C2/DE61666855A911EB99AFDA5DC4F9AE02/A5307E284CEF11F092F69C81C4F9AE02.roa
File: A5307E284CEF11F092F69C81C4F9AE02.roa (raw, json)
Hash identifier: NM6XJemfTUWbZD5USjCUF06iWFcxtpplXM/BhjMLwTs=
Subject key identifier: E3:2C:6F:91:69:BA:29:E9:77:59:62:E5:7A:DA:45:C2:9A:30:61:8E
Certificate issuer: /CN=A91871C2/serialNumber=A9EABC2465116ED11D6C8CDAE2011237CF1F59DF
Certificate serial: 0762
Authority key identifier: A9:EA:BC:24:65:11:6E:D1:1D:6C:8C:DA:E2:01:12:37:CF:1F:59:DF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qeq8JGURbtEdbIza4gESN88fWd8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91871C2/DE61666855A911EB99AFDA5DC4F9AE02/A5307E284CEF11F092F69C81C4F9AE02.roa
Signing time: Thu 19 Jun 2025 09:27:40 +0000
ROA not before: Thu 19 Jun 2025 09:27:40 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 139009
IP address blocks: 14.1.100.0/24 maxlen: 24
14.1.101.0/24 maxlen: 24
14.1.102.0/23 maxlen: 23
14.1.102.0/24 maxlen: 24
14.1.103.0/24 maxlen: 24
103.161.168.0/23 maxlen: 24
202.173.120.0/22 maxlen: 22
202.173.120.0/23 maxlen: 23
202.173.120.0/24 maxlen: 24
202.173.121.0/24 maxlen: 24
202.173.122.0/23 maxlen: 23
202.173.122.0/24 maxlen: 24
202.173.123.0/24 maxlen: 24
2407:d40::/32 maxlen: 32
2407:d40::/36 maxlen: 36
2407:d40::/48 maxlen: 48
2407:d40:f::/48 maxlen: 48
2407:d40:100::/48 maxlen: 48
2407:d40:101::/48 maxlen: 48
2407:d40:102::/48 maxlen: 48
2407:d40:103::/48 maxlen: 48
2407:d40:106::/48 maxlen: 48
2407:d40:107::/48 maxlen: 48
2407:d40:108::/48 maxlen: 48
2407:d40:109::/48 maxlen: 48
2407:d40:10f::/48 maxlen: 48
2407:d40:122::/48 maxlen: 48
2407:d40:126::/48 maxlen: 48
2407:d40:140::/48 maxlen: 48
2407:d40:142::/48 maxlen: 48
2407:d40:201::/48 maxlen: 48
2407:d40:202::/48 maxlen: 48
2407:d40:203::/48 maxlen: 48
2407:d40:204::/48 maxlen: 48
2407:d40:205::/48 maxlen: 48
2407:d40:206::/48 maxlen: 48
2407:d40:207::/48 maxlen: 48
2407:d40:208::/48 maxlen: 48
2407:d40:8000::/48 maxlen: 48
2407:d40:8007::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91871C2/DE61666855A911EB99AFDA5DC4F9AE02/qeq8JGURbtEdbIza4gESN88fWd8.crl
rsync://rpki.apnic.net/member_repository/A91871C2/DE61666855A911EB99AFDA5DC4F9AE02/qeq8JGURbtEdbIza4gESN88fWd8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qeq8JGURbtEdbIza4gESN88fWd8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 09 Jul 2025 22:17:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1890 (0x762)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91871C2, serialNumber=A9EABC2465116ED11D6C8CDAE2011237CF1F59DF
Validity
Not Before: Jun 19 09:27:40 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=6853d80c-3909
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:bb:a7:77:17:b6:fe:63:a1:e0:f6:6e:67:b1:
4a:77:63:9f:d0:68:18:dc:66:8f:bc:83:8b:05:30:
7c:0f:67:f7:38:eb:45:42:84:6f:24:10:ac:45:d8:
52:9c:61:d6:98:17:1b:76:ef:6a:15:46:c9:b2:7b:
7d:3c:3d:f5:0d:55:57:26:1e:e6:3d:fc:9a:e5:c8:
15:ec:9c:70:7f:05:72:75:14:5b:54:8a:84:e1:4e:
2c:15:35:a9:99:3e:ed:b9:f2:1e:7b:6f:47:12:c7:
05:c4:a6:99:74:01:0f:95:27:65:d2:b0:f8:35:af:
85:31:64:e4:55:8c:59:92:30:e8:df:ae:55:ea:ac:
2c:61:73:72:47:9d:f1:f0:9f:ef:03:08:d5:18:e1:
08:8d:5a:5c:ab:86:b1:2a:26:6e:1d:56:3f:06:02:
13:51:eb:d8:ac:1f:5a:26:e6:aa:25:98:85:b0:1c:
25:69:9b:e8:77:f3:e5:7c:e1:f0:0d:10:45:02:0a:
a0:92:84:0b:eb:67:7c:16:0c:c5:1b:c3:8f:4f:fd:
c1:6b:03:bf:1f:f9:d2:f5:ec:95:c2:e1:f5:c1:19:
01:6f:ef:18:8c:9d:6a:0a:08:97:20:d7:92:9c:d5:
54:ec:54:c4:d3:71:e8:3f:e2:65:8b:a7:fc:76:ee:
97:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:2C:6F:91:69:BA:29:E9:77:59:62:E5:7A:DA:45:C2:9A:30:61:8E
X509v3 Authority Key Identifier:
keyid:A9:EA:BC:24:65:11:6E:D1:1D:6C:8C:DA:E2:01:12:37:CF:1F:59:DF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91871C2/DE61666855A911EB99AFDA5DC4F9AE02/qeq8JGURbtEdbIza4gESN88fWd8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qeq8JGURbtEdbIza4gESN88fWd8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91871C2/DE61666855A911EB99AFDA5DC4F9AE02/A5307E284CEF11F092F69C81C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.1.100.0/22
103.161.168.0/23
202.173.120.0/22
IPv6:
2407:d40::/32
Signature Algorithm: sha256WithRSAEncryption
d4:60:c0:62:22:78:5c:85:0e:40:da:4e:c9:f9:be:c4:3b:8c:
5c:b1:65:56:7c:c7:81:77:d0:36:6f:ad:48:45:40:dc:57:0b:
44:de:39:4b:b6:0a:a8:b6:a6:a9:e2:8a:15:62:a4:3e:2f:42:
4f:39:8f:39:18:b8:22:33:ab:10:3e:3b:43:25:93:99:1a:43:
2c:29:e3:4f:55:20:27:8c:a7:8e:e5:43:8b:00:2d:50:82:2e:
cf:7e:76:ee:80:9a:1b:e4:0d:d5:7e:d3:b4:6a:ab:44:e1:a2:
53:3d:94:f6:5b:4d:e4:2d:a1:a6:7e:e7:fc:2d:8f:bf:a4:59:
ac:03:9c:94:23:32:b4:e8:ae:ea:37:12:22:2b:67:18:7b:78:
49:db:d3:80:16:28:7b:26:b2:88:cb:06:77:d8:28:0a:e0:5a:
20:21:e7:96:94:7c:88:18:6a:ff:e5:dd:5f:e3:db:3c:15:4e:
33:ef:a3:25:71:42:3e:81:a9:aa:45:d6:06:5f:c5:5b:a4:de:
55:e7:4c:2a:b2:a5:11:73:9c:91:1a:6b:e9:cf:9e:0a:ad:fa:
1f:ab:f4:ed:5b:26:0b:78:14:c2:14:41:22:f8:e1:83:6e:0c:
a2:f9:82:ae:0e:f8:09:6d:11:bb:c2:42:b4:ea:ba:9d:7e:48:
08:0e:9f:be
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICB2IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODcxQzIxMTAvBgNVBAUTKEE5RUFCQzI0NjUxMTZFRDExRDZDOENEQUUyMDExMjM3
Q0YxRjU5REYwHhcNMjUwNjE5MDkyNzQwWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODUzZDgwYy0zOTA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsbundxe2/mOh4PZuZ7FKd2Of0GgY3GaPvIOLBTB8D2f3OOtFQoRvJBCsRdhS
nGHWmBcbdu9qFUbJsnt9PD31DVVXJh7mPfya5cgV7JxwfwVydRRbVIqE4U4sFTWp
mT7tufIee29HEscFxKaZdAEPlSdl0rD4Na+FMWTkVYxZkjDo365V6qwsYXNyR53x
8J/vAwjVGOEIjVpcq4axKiZuHVY/BgITUevYrB9aJuaqJZiFsBwlaZvod/PlfOHw
DRBFAgqgkoQL62d8FgzFG8OPT/3BawO/H/nS9eyVwuH1wRkBb+8YjJ1qCgiXINeS
nNVU7FTE03HoP+Jli6f8du6XlQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFOMsb5Fp
uinpd1li5XraRcKaMGGOMB8GA1UdIwQYMBaAFKnqvCRlEW7RHWyM2uIBEjfPH1nf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NzFDMi9ERTYxNjY2ODU1
QTkxMUVCOTlBRkRBNURDNEY5QUUwMi9xZXE4SkdVUmJ0RWRiSXphNGdFU044OGZX
ZDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FlcThKR1VSYnRFZGJJemE0Z0VTTjg4ZldkOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODcxQzIvREU2MTY2Njg1NUE5MTFFQjk5QUZEQTVEQzRGOUFFMDIvQTUzMDdFMjg0
Q0VGMTFGMDkyRjY5QzgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAIOAWQDBAFnoagDBALKrXgwDQQCAAIwBwMFACQHDUAwDQYJ
KoZIhvcNAQELBQADggEBANRgwGIieFyFDkDaTsn5vsQ7jFyxZVZ8x4F30DZvrUhF
QNxXC0TeOUu2Cqi2pqniihVipD4vQk85jzkYuCIzqxA+O0Mlk5kaQywp409VICeM
p47lQ4sALVCCLs9+du6AmhvkDdV+07Rqq0TholM9lPZbTeQtoaZ+5/wtj7+kWawD
nJQjMrToruo3EiIrZxh7eEnb04AWKHsmsojLBnfYKArgWiAh55aUfIgYav/l3V/j
2zwVTjPvoyVxQj6BqapF1gZfxVuk3lXnTCqypRFznJEaa+nPngqt+h+r9O1bJgt4
FMIUQSL44YNuDKL5gq4O+AltEbvCQrTqup1+SAgOn74=
-----END CERTIFICATE-----
Generated at Thu Jul 3 05:59:55 2025 by rpki-client